Read all about it. Capcom is the latest victim of a ransomware attack. The Japanese video game maker – developer of popular titles like Resident Evil, Street Fighter, and Monster Hunter World – fears that as many as 350,000 of its customers have been affected by the most recent high-profile ransomware attack.
Disturbing as it is, this unwelcome assault on Capcom is nothing new. Many gaming companies have fallen victim to cyber-attacks in the past. And regrettably, we can be 100% certain that this won’t be the last time that criminal hackers compromise the privacy and security of online gaming companies and their customers.
The games industry has been having a hard time of things of late. Other recent hacking victims include Ubisoft (makers of Far Cry, Tom Clancy’s Division, and Watch Dogs) and Crytek (Crysis and Hunt: Showdown). And why gaming companies? Because hackers like the fact that gamers tend to be active on social media, have disposable income, and often have ID’s that are easily transferable to other sites (this last factor is known as credential stuffing). The hacking of gamers has intensified as more and more people turn to online gaming during the Covid pandemic.
Still In The Game
For many companies who’ve been hacked, the sad conclusion is that they have no choice but to give in and pay the ransom. That’s an extremely expensive lesson to learn. Capcom itself has apparently not gone as far as paying a ransom, having seemingly found a way out of the crisis. And in that respect, the company can count itself very fortunate – the damage could have been far worse. Nonetheless, its reputation has been harmed, and some customers may choose to take their business elsewhere because of the security breach. Then there is also the risk that stolen source code may be used to produce pirated versions of its most popular games.
It’s easy to be wise after the event, but gaming companies – in fact, any company operating online – would do well to remember that security should always be paramount. That might sound obvious, but the sheer number of well-publicized incidents surely underscores just how many companies failed to grasp the mission-critical importance of cybersecurity!
Are You The Weakest Link?
Everyone is familiar with the “Weakest Link” game show, with its premise that “a chain is only as strong as its weakest link.” When it comes to cybersecurity, many businesses would do well to remember that little pearl of wisdom. Alas and alack, the most enthusiastic supporters of that wise old saying are the hackers themselves!
Cybersecurity, especially for cloud-based services like gaming, is a holistic exercise. The majority of the world’s top gaming firms use the cloud-based solutions of AWS (Amazon Web Services) to underpin their product offerings. It’s easy to see why. Price, convenience, scalability, speed, reliability, and add-ons all score highly, but AWS also offers unrivaled levels of security … to a point.
Whilst AWS’s infrastructure and the services thereon may be secure, the same may not be true of data associated with the actual games that run over the cloud. In the case of online gaming, that means that security is the responsibility of AWS, the end-user, and most critically, the gaming company. And it’s in those last two areas where the weakest links may be found. If gaming companies can secure the data on AWS, then they are well on the way to keeping both corporate resources and end-users safe.
Play Safe, Stay Safe
Working with dedicated network security companies greatly enhances corporate and personal levels of protection, at the same time hugely reducing the risks of being hacked. AWS itself recognizes the value of such third-party security solutions, by licensing the best security software developers as Advanced Technology Partners. If your company is using AWS, you should definitely be talking to these licensed partners.
Of course, it’s not just gaming companies who can enjoy the benefits of working with AWS. Virtually every sort of company can profit from promoting their services via AWS’s highly flexible, scalable, cost-effective, and convenient cloud-based architecture. But it’s important to remember that cloud-based services require a different approach to security, one that may not be familiar to IT staff who are more comfortable with methodologies based on traditional data centers, business models, and hardware.
All of that said, even if you are using the very latest technologies, most of the old rules around security still apply. That means agreeing who is responsible for what, constantly monitoring usage, being aware that a threat could come from within, making sure your systems have multi-factor authentication, and regularly updating your security policies. Combine those common-sense actions with the latest cloud-based security software solutions, and you can sleep – and game – securely at night!